Tim Cappalli

I'll just add that this is a discussion that has been happening in the DCP working group. I don't think this is in scope for the web platform API.

> What is the DCP working group https://openid.net/wg/digital-credentials-protocols/ It is not entirely clear what specifically you're trying to mitigate. Is it that you don't want two credential managers to be...

WebAuthn hybrid meeting on 2025-04-11: there is multi-implementer interest in exploring this feature for L4.

> but if the user agent didn’t have any credentials to show in modal UI, rather than immediate signal that state, the callback simply is not called. The challenge is...

Should we consider a pattern similar to implementations of the Payment Handler / Payment Request APIs where the client offers the ability for users to disable this feature @kenrb /...

@jyasskin > The core benefit of immediate mediation (or [uiMode](https://github.com/w3c/webauthn/wiki/Explainer:-WebAuthn-immediate-mediation#api)) seems to be that, if a user creates a synced passkey on one ("source") device, and then tries to log...

@jyasskin it is in the intro of the explainer: "This modality fails promptly if no credentials are immediately available, and thus allows sites to direct users to fallback sign-in methods...

> The original credential was bound to the user's device. And after introducing passkey, the credential is now bound to the user's account of the underlying passkey providers. There is...

In most cases (all cases today), the browser does not interact with the wallet (just like in most cases in WebAuthn, the browser does not interact directly with the authenticator)....

> @erik-anderson Could we instead have something like a .well-known file hosted by the issuer that contains a list of all platform/app identity combos that it considers to be itself?...